As a CSIRT Cyber Security officer you will join the CISO Solutions and Services team within the NMBS CISO organization (Cyber- and Information Security Office). You will contribute to the daily incident response activities including threat detection, incident handling, threat hunting as well as propose and execute improvement actions, interact with the staff of NMBS (including its affiliates) and the security services providers.
Incident handling and response
As member of a dynamic CSIRT team you will need to be able to respond adequately to cyber security incidents by working together with fellow CSIRT officers and any possible stakeholders. CSIRT members analyze, isolate and remove threats in a timely fashion and document their cases, create or improve standard operating procedures, playbooks and knowledgebase articles. CSIRT members are able to explain security threats to end-users as well as system, application and network administrators.
Threat detection and hunting
As a CSIRT professional you will be analyzing escalated incidents originating from a 3rd party SOC service and analyze alerts from custom built tools that monitor Active Directory, public exposure and the SNCB brand and analysis of phishing emails reported to CSIRT. You will also perform threat hunting on collected data and contribute to the development of analytical rules and automation.
Vulnerability management
As a CSIRT officer you will collect the vulnerabilities on all NMBS assets, IT as well as OT, interpret and aggregate the results. You provide appropriate support to the risk and compliance teams and technical support to remediate the vulnerabilities with the help of the cyber support team.
Our offer
Within our open corporate culture, you contribute to the digital transformation of SNCB. You will have a job with social impact and ample opportunity to make your own contribution. In addition to a good work-life balance and a market-related salary, you have:
Nog een vraag?
Contacteer onze HR Business partner
Julie Verstichel
Neem contact op